Malware Explained: What It Is, How It Spreads, and the Different Types


What is Malware?

Malware, short for malicious software, is any application or code that intentionally harms or exploits a programmable device, network, or computer system. Cybercriminals design it to disrupt, damage, and gain unauthorized access to computer systems. It can spread through infected email attachments, software downloads, websites, or removable devices. Malware mainly targets confidentiality, data integrity, and system functionality, and it can harm both individuals and organizations.

There are many types of malware that can harm organizations, such as Viruses, Worms, Trojan Horses (Trojans), Ransomware, Spyware, Adware, Rootkits, Keyloggers, Botnets (Bot + Network), and Fileless Malware.

Virus:

A computer virus is malicious code that harms legitimate files or programs. It replicates and spreads by inserting its code into another program, which executes when the infected program is run.

How it works in the system: It replicates by inserting copies of itself into other programs and files on the computer system. As a result, it can corrupt or delete data and slow down system performance.

How it spreads: Email attachments, USB drives, pirated software.

For instance: ILOVEYOU Virus (2000) – A virus spread via email, disguised as a love letter, causing billions in damage across the world.

Worm:

A worm is a self-replicating program that spreads automatically across the network without any user action. It can damage systems and networks.

How it works in the system: Worms don’t need to attach to existing files. They exploit network vulnerabilities to propagate and consume bandwidth or overload systems.

How it spreads: Via networks, emails, and unpatched operating systems.

For instance: WannaCry (2017) – A ransomware worm that affected systems in more than 150 countries by exploiting Windows vulnerabilities.

Trojan Horse (Trojan):

A Trojan Horse is a type of malware that disguises itself as legitimate software to gain access to a computer system. It appears legitimate but carries a hidden malicious function.

How it works in the system: Once installed, it allows hackers to steal data, install more malware, or take control of the system.

How it spreads: Downloaded software, fake ads, cracked software.

For instance: Zeus Trojan – It is used to steal banking information and data by logging keystrokes and redirecting transactions.

Ransomware:

Ransomware encrypts user data and locks the system, then demands payment, especially in cryptocurrency, for the decryption key.

How it works in the system: It encrypts all the files on the system and displays a ransom note, or threatens to delete or leak data if the ransom is not paid.

How it spreads: Phishing emails, malicious links, or file downloads.

For instance: CryptoLocker, REvil, LockBit, WannaCry.

Spyware:

Spyware is software designed to secretly collect data from a device without the user’s knowledge. It also monitors user activities and sends them to attackers.

How it works in the system: Spyware tracks browsing habits, keystrokes, passwords, or screenshots without the user’s knowledge.

How it spreads: Bundled software, email attachments, malicious websites.

For instance: DarkHotel – This malware mainly targets hotel guests, stealing confidential business information.

Adware:

Adware is unwanted software that displays intrusive ads or redirects web traffic to generate revenue for its creators.

How it works in the system: It injects ads into browsers or collects user behaviour data to serve personalized ads.

How it spreads: Freeware, shareware, and toolbars.

For instance: Fireball – It mainly hijacks browsers to generate ad revenue and track user activity.

Rootkit:

A rootkit provides access to a computer without the user’s knowledge. It is designed to hide its presence and can be difficult to detect and remove.

How it works in the system: It installs deep within the OS and can disable security software, hide processes, and control the system remotely.

How it spreads: Phishing, insecure downloads, or exploiting software flaws.

For instance: Sony BMG Rootkit (2005) – This software was used in music CDs to prevent piracy but opened security holes.

Keylogger:

A keylogger, also known as a keystroke logger or keyboard capturer, comes in both malware and hardware forms. It tracks and records what users type on the system, then sends the captured data to hackers using a command-and-control (C&C) server.

How it works in the system: A keylogger captures sensitive data like usernames, passwords, and banking information, and sends it to cybercriminals.

How it spreads: USB devices, infected software, trojans.

For instance: Refog, Ardamax – These are commercial keyloggers that are often used in spying and hacking attempts.

Botnet (Bot + Network):

A botnet is a network of compromised computers and devices controlled by hackers to perform various cyberattacks.

How it works in the system: It is used to launch coordinated attacks such as DDoS, spam campaigns, or crypto mining.

How it spreads: Malware infections on IoT devices and unprotected PCs.

For instance: Mirai Botnet (2016) – This botnet brought down major sites like Netflix and Twitter using IoT devices.

Fileless Malware:

Fileless malware operates directly in a computer’s memory (RAM) instead of relying on files stored on the hard drive.

How it works in the system: It resides in memory and uses built-in tools like PowerShell or WMI to perform malicious actions.

How it spreads: Phishing, malicious macros in Word or Excel.

For instance: Astaroth, POSHSPY – Both are used in targeted attacks against enterprises.
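
As an added defender-side example (not part of the original article), the sketch below triages process-creation events for the pattern described in this section: an Office application launching PowerShell or WMIC, and PowerShell started with an encoded command. The event fields, the finding labels, and the sample events are constructed for illustration.

```python
import base64
import re

# Constructed sample data: the base64 payload decodes to a harmless Write-Output.
SAMPLE_B64 = base64.b64encode(
    "Write-Output 'constructed sample'".encode("utf-16-le")).decode()
SAMPLE_EVENTS = [
    {"parent": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": f"powershell.exe -NoP -W Hidden -enc {SAMPLE_B64}"},
    {"parent": r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE",
     "image": r"C:\Windows\System32\wbem\WMIC.exe",
     "cmdline": "wmic os get caption"},
    {"parent": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "cmdline": r"powershell.exe -File C:\Scripts\backup.ps1"},
]

OFFICE_APPS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
POWERSHELL = {"powershell.exe", "pwsh.exe"}
BUILTIN_TOOLS = POWERSHELL | {"wmic.exe"}


def basename(path):
    """Lower-cased file name of a Windows path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def decode_encoded_command(cmdline):
    """Return the decoded -EncodedCommand argument, or None if absent or invalid."""
    # PowerShell accepts any prefix of -EncodedCommand (-e, -enc, ...) and -ec.
    # The lookahead keeps the value unconsumed so back-to-back flags still match.
    for flag, value in re.findall(r"(?:^|\s)[-/](\w+)(?=\s+(\S+))", cmdline):
        name = flag.lower()
        if name == "ec" or "encodedcommand".startswith(name):
            try:
                return base64.b64decode(value, validate=True).decode("utf-16-le")
            except ValueError:  # bad base64 or not UTF-16LE text
                return None
    return None


def triage(event):
    """Return a list of findings for one process-creation event."""
    findings = []
    parent, child = basename(event["parent"]), basename(event["image"])
    if parent in OFFICE_APPS and child in BUILTIN_TOOLS:
        findings.append(f"office-spawned-tool:{parent}->{child}")
    if child in POWERSHELL:
        decoded = decode_encoded_command(event["cmdline"])
        if decoded is not None:
            findings.append(f"encoded-command:{decoded}")
    return findings
```

Decoding the argument instead of only flagging it lets an analyst read what was actually executed, which matters because fileless activity leaves little on disk to inspect.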
